Merge pull request #3742 from liam-hq/devin/1760079394-add-auth-error-logging

feat: Add comprehensive error logging to authentication flows

Author: junkisai

frontend/apps/app/app/auth/callback/[provider]/route.ts

@@ -25,8 +25,18 @@ export async function GET(request: Request) {
       }
       return NextResponse.redirect(`${origin}${next}`)
     }
+    console.error('OAuth callback code exchange failed:', {
+      error: error.message,
+      code: error.status,
+      provider: request.url.includes('/github') ? 'github' : 'unknown',
+      timestamp: new Date().toISOString(),
+    })
+  } else {
+    console.error('OAuth callback missing code parameter:', {
+      url: request.url,
+      timestamp: new Date().toISOString(),
+    })
   }
 
-  // On error, redirect to an error page with instructions
-  return NextResponse.redirect(`${origin}/auth/auth-code-error`)
+  return NextResponse.redirect(`${origin}/error`)
 }

frontend/apps/app/app/confirm/route.ts

@@ -22,6 +22,17 @@ export async function GET(request: NextRequest) {
       // redirect user to specified redirect URL or root of app
       redirect(next)
     }
+    console.error('Email confirmation OTP verification failed:', {
+      error: error.message,
+      type,
+      timestamp: new Date().toISOString(),
+    })
+  } else {
+    console.error('Email confirmation missing parameters:', {
+      hasToken: !!token_hash,
+      hasType: !!type,
+      timestamp: new Date().toISOString(),
+    })
   }
 
   // redirect the user to an error page with some instructions

frontend/apps/app/components/LoginPage/services/loginByEmail.ts

@@ -7,6 +7,22 @@ import { urlgen } from '../../../libs/routes/urlgen'
 import { ensureUserHasOrganization } from './ensureUserHasOrganization'
 import { sanitizeReturnPath } from './validateReturnPath'
 
+function maskEmail(email: string | undefined): string {
+  if (!email || typeof email !== 'string') return '[invalid-email]'
+
+  const atIndex = email.indexOf('@')
+  if (atIndex <= 0) return '[invalid-email]'
+
+  const localPart = email.substring(0, atIndex)
+  const domain = email.substring(atIndex)
+
+  if (localPart.length <= 2) {
+    return `${localPart[0]}*${domain}`
+  }
+
+  return `${localPart[0]}${'*'.repeat(localPart.length - 2)}${localPart[localPart.length - 1]}${domain}`
+}
+
 export async function loginByEmail(formData: FormData) {
   const supabase = await createClient()
 
@@ -31,6 +47,11 @@ export async function loginByEmail(formData: FormData) {
 
   const parsedData = v.safeParse(loginFormSchema, formDataObject)
   if (!parsedData.success) {
+    console.error('Login validation failed:', {
+      errors: parsedData.issues,
+      emailMasked: maskEmail(formDataObject.email?.toString()),
+      timestamp: new Date().toISOString(),
+    })
     redirect(urlgen('error'))
   }
 
@@ -39,6 +60,12 @@ export async function loginByEmail(formData: FormData) {
   const { error } = await supabase.auth.signInWithPassword(data)
 
   if (error) {
+    console.error('Login authentication failed:', {
+      error: error.message,
+      code: error.status,
+      emailMasked: maskEmail(data.email),
+      timestamp: new Date().toISOString(),
+    })
     redirect(urlgen('error'))
   }
 

frontend/apps/app/components/LoginPage/services/loginByGithub.ts

@@ -68,6 +68,11 @@ export async function loginByGithub(formData: FormData) {
   })
 
   if (error) {
+    console.error('GitHub OAuth initialization failed:', {
+      error: error.message,
+      redirectTo,
+      timestamp: new Date().toISOString(),
+    })
     redirect(urlgen('error'))
   }